Android

Space shortcuts

Page tree

Versions Compared

Old Version 1

changes.mady.by.user Sandy Shrum

Saved on

compared with

New Version Current

changes.mady.by.user Emma Krummenacher

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added Exceptions section

Start copying here:

This rule was developed in part by <participant names here> at the October 20-22, 2017 OurCS Workshop (http://www.cs.cmu.edu/ourcs/register.html).
For more information about this statement, see the About the OurCS Workshop page.

End copying here.

Warning
titleUnder Construction
This guideline is under construction. 

 

This is just a place holder for now.

The rule will say not to trust libraries, paths to libraries that are in world writable media, and do not process data from world writable sources.  However, I do not see anything here that is Android specific.

Is there something particular about Android that makes this sort of behaviour more likely?

In this space, describe the overall rule.

Noncompliant Code Example

...

Code Block
bgColor#CCCCFF
TBD

Exceptions

 

Risk Assessment

TBDSummary of risk assessment.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

DRD12-JTBD

High 

Probable 

Medium 

P12 

L1 

Automated Detection

Tool

Version

Checker

Description

TBD 


 

Related Vulnerabilities

Hyperlink black-font text "the CERT website" below, with URL as follows: https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+<RULE_ID>

In the URL example above, <RULE_ID> should be substituted by this CERT guideline ID (e.g., INT31-C). Then, remove this purple-font paragraph.

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Fill in the table below with at least one entry row, per these instructions, then remove this purple-font section.

 TBD (e.g., MITRE CWE) 

Bibliography

[TBD] 

 

 

Image Removed Image Removed Image Removed